Background
CORS (Cross-origin resource sharing) is a security feature implemented in modern browsers which is intended to block cross-origin content. In the case of Videos for Confluence, however, this doesn’t constitute a security issue; it is even necessary as the content stored in an AWS S3 bucket is to be displayed in Confluence. Therefore you need to configure CORS settings for the S3 bucket if you are using AWS storage for Videos for Confluence.
Answer
For convenience we have added a button to the AWS storage configuration in Videos for Confluence. The button “Configure CORS” on the tab “Storage configuration” will trigger the appropriate settings for your S3 bucket.
Case 1: Create an S3 bucket when configuring AWS storage for Videos for Confluence.
If you create your S3 bucket directly through the app interface, no additional action is required as all required settings will be configured automatically.
Case 2: Use an existing S3 bucket.
If you configure an existing S3 bucket to be used for Videos for Confluence, you will need to press the button once after the storage setup has been concluded.
Case 3: The base URL of your Confluence instance changes.
If you change the base URL of your Confluence instance - what will hopefully happen rather rarely -, you need to readjust the CORS settings by pressing the button once again, as the CORS settings exclusively reference your specific Confluence URL.
If you would like to adjust the settings manually, these are the ones to add in AWS under S3 > Permissions > CORS:
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET",
"PUT"
],
"AllowedOrigins": [
"<domain of your Confluence instance>"
],
"ExposeHeaders": []
}
]